Aircrack-ng on ipod touch 2g

I have spent a couple days searching the web for a solution to this problem, and before anyone asks me anything such as "why do that" or "what's wrong with [blank]" the answer is "Because I think I can".

A brief outline of the issue so far:

I have installed aircrack-ng on my iPod to off-load some of the pentesting tasks from my MacBook and desktop boxes. I am experienced with using aircrack-ng/airodump-ng/aireplay-ng etc. I am familiar with most app-based techniques in terminal, and the like.

My question:

Is there any reason anyone can think of why a .cap file generated in bt4r2 with airodump-ng would not be compatible with the iPod version of aircrack-ng? I ask this because even though I have succeeded in getting aircrack-ng to run on my iPod, open my .cap file and my dictionary, it says the .cap file contains no valid WPA handshake... despite the fact that the exact same file opens just jim-dandy on my desktop and on my MacBook using the same bt4r2 DVD. I have verified the integrity of the iPod's .cap file down to the last byte, as well as having tested this against multiple different .cap files, all with the same results: No valid handshake.

What gives?

Thanks

ED: Just to re-cap, as it may not be clear why I'm asking this here, rather than on the Aircrack-ng forum (they say since it's involving an aircrack that you use in bt4r2, I need to ask you guys about it), because it's concerning a file created by the version of airodump-ng that you guys bundle in with BT.
The exact trouble is the file created with the DVD version of airodump-ng (without apt-get) is creating a .cap file which appears to be incompatible with this other version of aircrack-ng which runs on the ipod. So my question would be, has anyone ever encountered an instance of a .cap file created on solid hardware, with your version of airodump-ng, and which works just fine in your kernel with no apt-get and straight from dvd, not working on another platform in a different version of an application, aircrack-ng, though it opens just fine in yours?

The wireless tool library on the iPod is something different insofar as it does not include the other parts of that same library which are included in most other iterations of the library, such as airodump-ng, airmon-ng, aireplay-ng, etc. So I guess it's possible the different, ARM-based build of aircrack-ng might work so differently as to render the handshake generated by airodump-ng in BT4r2 unreadable. But I don't know. Does anyone here have an idea?

I see also that you have recently released BT5, and there is a specifically ARM-based version available, yet it is unclear whether I could use this, or any of its libraries on the ipod per se.

I have also not yet completed my .torrent DL of BT5, so have yet to ascertain whether the wireless tool library available therein has any different result for its .cap file as run on the ipod ARM processor. I will post a new reply once I have been able to determine the answers to any of these questions on my own, should I be able to do so.

Re: Aircrack-ng on ipod touch 2g

I have done some work with BT5 apt-get, etc... installed to USB stick, everything seems stable. However, the version of cowpatty in BT5 says the handshake is incomplete... hmmm. Anyone heard of an incomplete handshake working for pentest in bt4r2, but not bt5 or ARM iOS? Weird.

Re: Aircrack-ng on ipod touch 2g

Honestly, perhaps you should have read the entire post if you were going to comment. OP isn't even trying to use monitor mode on the iPod, OP is trying to use the iPod to run wordlist attacks on a .cap file that came from BT.

Unfortunately, I have no information to give on the topic. At least I did read the post a couple of times before making a useless comment.

Re: Aircrack-ng on ipod touch 2g

Maybe you should try to compile the same version of the aircrack-ng suite that is on your iPod on your monitor-mode enabled machine, then re-cap the handshake/IVs with airodump and try the new .cap on your iPod.
The problem should be because you're using different versions of aircrack-ng and/or the libraries involved.
(Anyways, I don't see the point of cracking a .cap without being able to monitor, except PoC maybe, my 2c)

Re: Aircrack-ng on ipod touch 2g

First things first: what tells you that you've captured a handshake at all? Capturing WPA handshakes is pretty tricky unless you're either very close to the AP and the client, or you have a nasty directional antenna. Use wireshark -R eapol on the cap file to see if you've actually captured it. Also, aircrack-ng has some amount of support for partial handshakes, and I've seen aircrack detect a handshake when cowpatty does not.

Another thing is that it's just a ridiculous inclination that your iPod is going to "unload" any significant amount of work from your main rig, unless your main rig is a netbook or something like that. I use a gtx570 w/ cuda along with a 3.2 quad core proc to crack WPA handshakes, and it can take hours... without the cuda, and with a little baby iPod proc, that would be like riding a motorcycle across the country, and trying to take a load off your bike by walking it part of the way. Although you can do it, the parallel computation required by this kind of crack that might take hours on any newer rig could take days and days on your iPod. Also, when that thing is running it's going to draw heavily on the performance of the iPod, so you're not going to be able to use it for anything else in the meantime. If you never use it, then you could just pyrit --serve the thing, and use it as a core on whatever you're using as your main rig, but again the addition in performance will most likely be insignificant.
Just sayin..
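
The check suggested in the last reply (looking for EAPOL frames in the .cap) can also be scripted. The following is an added example, not part of the original thread and not aircrack-ng's or cowpatty's own logic: it lists which of the four handshake messages a classic pcap file contains. It assumes raw 802.11 captures (link type 105); the function names, the constructed sample capture, and the key-data-length heuristic for telling message 2 from message 4 are choices made for this example.

```python
import struct

KEY_ACK, KEY_MIC = 0x0080, 0x0100                  # Key Information flag bits
SNAP_EAPOL = b"\xaa\xaa\x03\x00\x00\x00\x88\x8e"   # LLC/SNAP, EtherType 0x888e
MAGICS = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}  # pcap byte order

def classify(frame):
    """Return 1-4 for an EAPOL-Key message in an 802.11 data frame, else 0."""
    if len(frame) < 24 or (frame[0] >> 2) & 3 != 2:    # type 2 = data frame
        return 0
    hdr = 24 + (2 if frame[0] & 0x80 else 0)           # QoS control field
    hdr += 6 if frame[1] & 3 == 3 else 0               # fourth address (WDS)
    key = frame[hdr + 8:]
    if frame[hdr:hdr + 8] != SNAP_EAPOL or len(key) < 99 or key[1] != 3:
        return 0                                       # not EAPOL-Key, or cut short
    info, = struct.unpack(">H", key[5:7])
    data_len, = struct.unpack(">H", key[97:99])
    if info & KEY_ACK:
        return 3 if info & KEY_MIC else 1
    if info & KEY_MIC:
        return 2 if data_len else 4    # heuristic: message 4 has no key data
    return 0

def handshake_messages(pcap):
    """List handshake message numbers found in a classic pcap, in capture order."""
    endian = MAGICS.get(pcap[:4])
    if endian is None or len(pcap) < 24:
        raise ValueError("not a classic pcap file (pcapng or damaged header?)")
    linktype, = struct.unpack(endian + "I", pcap[20:24])
    if linktype != 105:                # 105 = raw 802.11, no radiotap header
        raise ValueError("unsupported link type %d" % linktype)
    found, pos = [], 24
    while pos + 16 <= len(pcap):
        incl_len, = struct.unpack(endian + "I", pcap[pos + 8:pos + 12])
        found.append(classify(pcap[pos + 16:pos + 16 + incl_len]))
        pos += 16 + incl_len
    return [m for m in found if m]

def sample_capture(endian="<"):
    """Constructed capture: a beacon, then messages 1 and 2 with zeroed fields."""
    def key_frame(info, data=b""):
        key = struct.pack(">BBHBHH", 1, 3, 95 + len(data), 2, info, 16)
        key += bytes(88) + struct.pack(">H", len(data)) + data
        return b"\x08\x02" + bytes(22) + SNAP_EAPOL + key
    out = struct.pack(endian + "IHHiIII", 0xa1b2c3d4, 2, 4, 0, 0, 65535, 105)
    for f in (b"\x80\x00" + bytes(34), key_frame(0x008a), key_frame(0x010a, bytes(22))):
        out += struct.pack(endian + "IIII", 0, 0, len(f), len(f)) + f
    return out
```

A result such as `[1, 2]` means only part of the four-way exchange is in the file; running the same script against the same .cap on both machines also confirms that each side is reading identical frames.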